diff options
author | Martin André <m.andre@redhat.com> | 2017-06-28 17:10:27 +0200 |
---|---|---|
committer | Martin André <m.andre@redhat.com> | 2017-06-30 08:34:42 +0200 |
commit | 425c9d4e47898221832f01287ad165833ceab3cd (patch) | |
tree | 8a46ff5c30225176afffead7075e3b07dea482d0 /docker/services | |
parent | a396ac325af8950acb18227f1a6a487159776020 (diff) |
Ensure boostrap_host_exec runs as root
This is necessary for accessing the bind mounted hieradata in the
container in order to determine if the node is the primary node.
With the new validation added to yaml-validate.py, we could spot
potential issues in sahara-api and keystone bootstrap tasks.
The keystone one is a false positive, as the image defaults to the root
user in order to be able to run apache. Still, it is better to be
consistent here and specify the root user nonetheless.
Change-Id: Ib0ff9748d5406f507261e506c19b96750b10e846
Closes-Bug: #1697917
Diffstat (limited to 'docker/services')
-rw-r--r-- | docker/services/keystone.yaml | 2 | ||||
-rw-r--r-- | docker/services/sahara-api.yaml | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml index 011ffaaa..b6cfa21e 100644 --- a/docker/services/keystone.yaml +++ b/docker/services/keystone.yaml @@ -113,6 +113,7 @@ outputs: keystone_db_sync: image: *keystone_image net: host + user: root privileged: false detach: false volumes: &keystone_volumes @@ -152,6 +153,7 @@ outputs: keystone_bootstrap: start_order: 3 action: exec + user: root command: [ 'keystone', '/usr/bin/bootstrap_host_exec', 'keystone' ,'keystone-manage', 'bootstrap', '--bootstrap-password', {get_param: AdminPassword} ] docker_puppet_tasks: diff --git a/docker/services/sahara-api.yaml b/docker/services/sahara-api.yaml index 55c42abd..32d64583 100644 --- a/docker/services/sahara-api.yaml +++ b/docker/services/sahara-api.yaml @@ -92,6 +92,7 @@ outputs: net: host privileged: false detach: false + user: root volumes: &sahara_volumes list_concat: - {get_attr: [ContainersCommon, volumes]} |